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In the claims : The claims are as follows. 

1. (Previously presented) A method for registering a user 
equipment terminal with a multimedia network, so as to allow the 
user equipment terminal to access, over a digital communication 
system, a multimedia network service to which the user equipment 
terminal is subscribed, the method comprising: 

a serving call session control function of the multimedia 
network sending an authentication vector request message to a 
home subscriber server, and 

the home subscriber server responding by providing in an 
authentication vector request response message a field indicating 
a list of services to which the user equipment terminal is 
subscribed along with either information that allows establishing 
security associations for each such service or information that 
could be used as keying material or other input for other 
security mechanisms specific to each service. 

2. (Previously presented) The method as in claim 1, wherein in 
responding to the authentication vector request response message, 
the serving call session control function of the multimedia 
network adds the information included in the authentication 
vector request response message to an authorization challenge 
message and forwards it to an interrogating call session control 
function of the multimedia network. 

3. (Previously presented) The method as in claim 2, wherein when 
the interrogating call session control function receives the 
authorization challenge message, it forwards the message as a 
forwarded authorization challenge message to a proxy call session 
control function of the multimedia network, which parses the 
forwarded authorization challenge message, generates security 
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policy database entries and corresponding security associations 
for both the proxy call session control function and the user 
equipment terminal, inserts its security policy database entries 
in its security policy database and corresponding security 
associations into its security association database, and provides 
in an updated authorization challenge message for the user 
equipment terminal the security policy database entries and 
corresponding security associations. 

4. (Previously presented) The method as in claim 3, wherein 
after receiving the updated authorization challenge message, the 
user equipment terminal inserts the security policy database 
entries into its security policy database and inserts the 
corresponding security associations into its security association 
database. 

5. (Previously presented) The method as in claim 4, further 
comprising keeping a register for all services to allocate 
numbers used to derive keys for each service or part of a 
service . 

6. (Previously presented) The method as in claim 5, wherein the 
keys are an integrity key and a cipher key and are derived by 
applying a mapping to an argument including the number allocated 
to the respective service or part of a service by the register 
being kept . 

7. (Previously presented) A method for registering a user 
equipment terminal with a multimedia network so as to allow the 
user equipment terminal to access, over a digital communication 
system, a multimedia network service to which the user equipment 
terminal is subscribed, the method comprising: 



-3- 



Attorney Docket No.: 944-1.68 
Serial No.: 10/082,534 



a proxy call session control function of the multimedia 
network communicating to the user equipment terminal an 
authorization challenge message, wherein the authorization 
challenge message includes at least one security policy database 
entry and a corresponding security association derived by the 
proxy call session control function from information provided to 
the proxy call session control function indicating services to 
which the user equipment terminal is subscribed along with either 
information that allows establishing security associations for 
each such service or information that could be used as keying 
material or other input for other security mechanisms specific to 
each service, and 

the user equipment terminal inserting the at least one 
security policy database entry into its security policy database 
and the corresponding security association into its security 
association database, so that for a predetermined time any 
traffic between the user equipment terminal and the proxy call 
session control function is secure for the services to which the 
user equipment terminal is subscribed. 

8. (Previously presented) The method as in claim 7, further 
comprising keeping a register for all services to allocate 
numbers used to derive keys for each service or part of a 
service . 

9. (Previously presented) The method as in claim 8, wherein the 
keys are an integrity key and a cipher key and are derived by 
applying a mapping to an argument including the number allocated 
to the respective service or part of a service by the register 
being kept. 

10. (Previously presented) A user equipment terminal, 
comprising: 
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means, responsive to an authorization challenge message from 
a proxy call session control function of a multimedia network, 
wherein the authorization challenge message includes at least one 
security policy database entry and a corresponding security 
association derived by the proxy call session control function 
from information provided to the proxy call session control 
function indicating services to which the user equipment terminal 
is subscribed along with either information that allows 
establishing security associations for each such service or 
information that could be used as keying material or other input 
for other security mechanisms specific to each service, for 
inserting the at least one security policy database entry into 
its security policy database, and 

means, also responsive to the authorization challenge 
message, for inserting the corresponding security association 
into its security association database. 

11. (Previously presented) A multimedia network comprising a 
serving call session control function and a home subscriber 
server, wherein the serving call session control function 
includes means for sending an authentication vector request 
message to the home subscriber server, and the home subscriber 
server includes means for providing, in response to the 
authentication vector request message, an authentication vector 
request response message including a field indicating a list of 
services to which a user equipment terminal is subscribed along 
with either information that allows establishing security 
associations for each such service or information that could be 
used as keying material or other input for other security 
mechanisms specific to each service. 

12. (Previously presented) A user equipment terminal, 
comprising : 
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a first application program interface, responsive to an 
authorization challenge message from a proxy call session control 
function of a multimedia network, wherein the authorization 
challenge message includes at least one security policy database 
entry and a corresponding security association derived by the 
proxy call session control function from information provided to 
the proxy call session control function indicating services to 
which the user equipment terminal is subscribed along with either 
information that allows establishing security associations for 
each such service or information that could be used as keying 
material or other input for other security mechanisms specific to 
each service, for inserting the at least one security policy 
database entry into its security policy database, and 

a second application program interface, also responsive to 
the authorization challenge message, for inserting the 
corresponding security association into its security association 
database . 

13. (Previously presented) A multimedia network, comprising a 
serving call session control function and a home subscriber 
server, wherein the serving call session control function is 
configured to send an authentication vector request message to 
the home subscriber server, and the home subscriber server is 
configured to provide to the call session control function, in 
response to the authentication vector request message, an 
authentication vector request response message including a field 
indicating a list of services to which a user equipment terminal 
is subscribed along with either information that allows 
establishing security associations for each such service or 
information that could be used as keying material or other input 
for other security mechanisms specific to each service. 

14. (Previously presented) The multimedia network as in claim 
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13, further comprising an interrogating call session control 
function, and wherein in response to the authentication vector 
request response message, the serving call session control 
function is configured to add the information included in the 
authentication vector request response message to an 
authorization challenge message and to forward it to the 
interrogating call session control function. 

15. (Previously presented) The multimedia network as in claim 

14, further comprising a proxy call session control function, and 
wherein the interrogating call session control function is 
configured so that in response to the authorization challenge 
message, it forwards the message as a forwarded authorization 
challenge message to the proxy call session control function, 
which is configured to then parse the forwarded authorization 
challenge message, generate security policy database entries and 
corresponding security associations for both the proxy call 
session control function and the user equipment terminal, insert 
its security policy database entries in its security policy 
database and corresponding security associations into its 
security association database, and provide in an updated 
authorization challenge message for the user equipment terminal 
the security policy database entries and corresponding security 
associations . 

16. (Previously presented) The multimedia network as in claim 
13, further comprising a register for all services to allocate 
numbers used to derive keys for each service or part of a 
service. 

17. (Previously presented) The multimedia network as in claim 
16, wherein the keys are an integrity key and a cipher key both 
derived from a mapping to an argument including the number 
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allocated to the respective service or part of a service included 
in the register. 
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